General

  • Target

    3f840bc2e09f1a7dbbd4836cc6448c70

  • Size

    505KB

  • Sample

    240104-bja4lsgda6

  • MD5

    3f840bc2e09f1a7dbbd4836cc6448c70

  • SHA1

    0e9f2b15848617c7b82daf76f9f740cb5f188ecb

  • SHA256

    0e5d5dc063c80fc75c45752bfbd4e3f6ffad0a19c08cbac1dfb749c16d233d74

  • SHA512

    70aaf67bf947b2e9ecfbb7b95a91aeed61dd29fbc11524ee3635246075b59b6ae4b71f68b6c131ab845e818c6e592b435b7d576489ec2a487f2b086663e26be8

  • SSDEEP

    12288:MCL3b+CrdUzBQiEUXI3tYkEraJ7gGM41tY3LpAvuTx:M6iCrKBQgX6srtdx

Malware Config

Extracted

Family

zloader

Botnet

vasja

Campaign

vasja

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes

  • build_id

    157

  • rc4.plain

  • rsa_pubkey.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks